とある診断員とSecurity-JAWS#02座学資料

Slide 1

Slide 1 text

ͱ͋Δ਍அһͱ4FDVSJUZ+"84 ࠲ֶฤࢿྉ

Slide 2

Slide 2 text

໨࣍ Πϕϯτ֓ཁ ߨࢣ঺հ "84ηΩϡϦςΟͷجૅߨٛ "84ʹର͢Δ߈ܸͷઆ໌ ՝୊આ໌ ՝୊࣮ࢪ ৼΓฦΓ

Slide 3

Slide 3 text

Πϕϯτ֓ཁ ● ֓ཁ ● ΠϕϯτͷਐΊํ ● λΠϜςʔϒϧ

Slide 4

Slide 4 text

֓ཁ ຊΠϕϯτͰ͸ɺΫϥ΢υ؀ڥͳΒͰ͸ͷηΩϡϦ ςΟΠϯγσϯτϨεϙϯεΛܦݧ͢Δ͜ͱΛ໨త ͱͯ͠ɺ৵֐͞Εͯ͠·ͬͨ"84؀ڥʹରͯ͠ௐ ࠪΛߦ͍·͢ɻ Քಇ͍ͯͨ͠&$αʔόʔ΍ϚωʔδυαʔϏεɺ ֤छΞΫηεϩάɺ"84؀ڥͷઃఆঢ়گΛղੳ͠ ͯɺ৵֐ͷݪҼ΍ඃ֐ൣғͷಛఆɺҰ࿈ͷ߈ܸ΁ͷ ରࡦҊͷݕ౼Λߦ͍·͢ɻ

Slide 5

Slide 5 text

ֶश໨ඪ ● "84؀ڥͷηΩϡϦςΟΛֶͿ ޕલ ● ࣮ફతͳ"84؀ڥͷΠϯγσϯτௐࠪΛ௨ͯ͡ "84؀ڥͰͷରࡦΛମݧ͠׆͔͢ ޕޙ

Slide 6

Slide 6 text

ߨࢣ঺հ ● ӓాՂ༞ ● ऱ࡚ढ़

Slide 7

Slide 7 text

ߨࢣ঺հӓాՂ༞ Ϋϥεϝιουגࣜձࣾ ɾ"84ࣄۀຊ෦ ιϦϡʔγϣϯΞʔΩςΫτ ηΩϡϦςΟνʔϜϦʔμʔ ɾ4FDVSJUZ+"84ӡӦ ɾ޷͖ͳαʔϏε "848"'Ϛωʔδυϧʔϧ ɾ୲౰"84؀ڥߏங https://dev.classmethod.jp/author/usuda-keisuke/

Slide 8

Slide 8 text

ߨࢣ঺հऱ࡚ढ़ ऱ࡚ ढ़ʢ4IVO4V[BLJʣ ࡾҪ෺࢈ηΩϡΞσΟϨΫγϣϯגࣜձࣾʹॴଐ ϖωτϨʔγϣϯςετͳͲΛத৺ͱͨ͠ηΩϡϦςΟαʔϏεఏڙʹ ैࣄ͢Δɺͱ͋ΔηΩϡϦςΟΤϯδχΞ 公開スライド:http://www.slideshare.net/zaki4649/ Blog:http://tigerszk.hatenablog.com/ 著書（翻訳）:詳解HTTP/2 Twitter:とある診断員@tigerszk ● ISOG-J WG1 ● Burp Suite Japan User Group ● OWASP JAPAN Promotion Team ● #ssmjp ● MINI Hardening Project I‘M A CERTAIN PENTESTER! ୲౰ɿ߈ܸγφϦΦ࡞੒

Slide 9

Slide 9 text

"84ηΩϡϦςΟͷجૅߨٛ ● "84ηΩϡϦςΟجૅ ● ࠷ۙͷ߈ܸऀͷಈ޲ ● "84ͰͷηΩϡϦςΟରࡦ

Slide 10

Slide 10 text

ηΩϡϦςΟͷલʹͦ΋ͦ΋"84ͷϝϦοτͱ͸ʁ "84ͷ Ϋϥ΢υ͕બ͹ΕΔ ͷཧ༝ IUUQTBXTBNB[PODPNKQBXTUFOSFBTPOT ཧ༝ॳظඅ༻θϩʗ௿Ձ֨

Slide 11

Slide 11 text

ηΩϡϦςΟͷલʹͦ΋ͦ΋"84ͷϝϦοτͱ͸ʁ ॊೈੑ΍ढ़හੑ

Slide 12

Slide 12 text

ηΩϡϦςΟͷલʹͦ΋ͦ΋"84ͷϝϦοτͱ͸ʁ ϚωʔδυαʔϏεʹΑΔӡ༻ෛՙͷܰݮ

Slide 13

Slide 13 text

ηΩϡϦςΟͷલʹͦ΋ͦ΋"84ͷϝϦοτͱ͸ʁ ߴ͍ηΩϡϦςΟΛ֬อͰ͖Δͷ΋ϝϦοτ

Slide 14

Slide 14 text

ϝϦοτ͸͍Ζ͍Ζ͋Δ ● શͯ͸ϏδωεΛՃ଎͢ΔͨΊʹ͋Δ ● ηΩϡϦςΟ΋ϏδωεΛՃ଎ͤ͞ΔͨΊʹ͋ Δ ● ηΩϡϦςΟ͕ͦΕΛ๦֐ͯ͠͸ͳΒͳ͍ ● "84Ͱ͸ಛʹଞͷཁૉͱτϨʔυΦϑͤͣʹη ΩϡϦςΟΛڧԽͰ͖Δ ߈ΊͷηΩϡϦςΟ ● ໨త͸ҰॹͳΒखΛऔΓ߹͍ਐΊΒΕΔ

Slide 15

Slide 15 text

"84ηΩϡϦςΟجૅ "84ͷηΩϡϦ ςΟͰ·ͣҙࣝ ͢Δͷ͸੹೚ڞ ༗Ϟσϧ "84ͱϢʔβʔ ͷ੹೚Λ࣋ͭൣ ғ͸໌֬

Slide 16

Slide 16 text

"84ηΩϡϦςΟجૅ "84ηΩϡϦςΟ͸େ͖͘෼͚Δͱͭ ● "84ϨΠϠʔͷηΩϡϦςΟ ˓ "84ಛ༗ͷ΋ͷͳͷͰ֮͑Δ ● 04ϨΠϠʔҎ্ͷηΩϡϦςΟ ˓ طଘͱಉ͡Ͱ஌ࣝΛ࢖͍ճͤΔ ˓ "84΍αʔυύʔςΟͷΤίγεςϜΛ׆༻Ͱ͖Δ

Slide 17

Slide 17 text

"84ηΩϡϦςΟجૅ"84ϨΠϠʔ ● ඞͣ࢖͏"84αʔϏε ˓ $MPVE5SBJM ˙ "84ͷ"1*࣮ߦཤྺΛอଘ͢Δ ˙ ٯʹݴ͏ͱϢʔβʔଆͰऔಘ͢Δඞཁ͕͋Δ ˓ $POGJH ˙ "84ϦιʔεͷมߋཤྺΛอଘ͢Δ ˓ (VBSE%VUZ ˙ *".&$4ͷ༷ʑͳڴҖΛݕ஌͢Δ ˙ ίΠϯϚΠχϯάͱ͔ΞΫηεΩʔ࿙Ӯͱ͔

Slide 18

Slide 18 text

"84ηΩϡϦςΟجૅ"84ϨΠϠʔ ● ॏཁͳઃఆ ˓ 4ͷΞΫηε੍ޚ ˙ ઈରʹେࣄͳ৘ใΛެ։͠ͳ͍ ˙ όέοτϙϦγʔ"$-ύϒϦοΫΞΫηεϒϩ οΫͳͲෳ਺ͷ੍ޚखஈ͕͋Δ ˓ *".6TFSͷΞΫηεΩʔ؅ཧ ˙ ઈରʹίʔυʹຒΊࠐΜͰ(JUͰެ։͠ͳ͍ ˓ 4FDVSJUZ(SPVQ ˙ 44)3%1ͳͲΛͰެ։ͨ͠Γ͠ͳ͍

Slide 19

Slide 19 text

"84ηΩϡϦςΟجૅ04ϨΠϠʔҎ্ ● 04ηΩϡϦςΟ͸͕Μ͹Δ ● "848"'͸҆ͯ͘਌࿨ੑͷߴ͍8"' ● ϩάϝτϦΫε͸$MPVE8BUDI ● ϩά෼ੳ͸"UIFOBՄࢹԽʹ2VJDL4JHIU ● ೝূ͸$PHOJUP ˓ ϦεΫϕʔεೝূͳͲՄೳ ● ίϯςφΠϝʔδ͸&$3ϦϙδτϦεΩϟϯ

Slide 20

Slide 20 text

ৄࡉ͸ϒϩάͰ ʮΫϥ΢υγϑτʹ͋Θ ͤͨ"84ηΩϡϦςΟ ڧԽͷ͸͡Ίํʯͱ͍͏ λΠτϧͰొஃ͠·ͨ͠ https://dev.classmethod.jp/articles/en hanced-aws-security-in-cloud-shift/ "84ηΩϡϦςΟجૅ

Slide 21

Slide 21 text

"84ηΩϡϦςΟͷࡉ͔͍࿩ ● ηΩϡϦςΟػೳͷ࢖͍ํ ˓ $MPVE5SBJM ˓ $POGJH ˓ (VBSE%VUZ ˓ %FUFDUJWF ˓ "UIFOB

Slide 22

Slide 22 text

ηΩϡϦςΟػೳͷ࢖͍ํ$MPVE5SBJM Πϕϯτཤྺ͔Β؆୯ͳΫΤϦ͸͔͚ΕΔ ৄࡉ͸"UIFOBͰௐ΂Δ΂͠

Slide 23

Slide 23 text

"84ϩά֬ೝͷ஫ҙ఺ ● $MPVE5SBJMͷϩά͸छྨ͋Δ ˓ ؅ཧΠϕϯτ ˙ ௨ৗͷ"84؀ڥΛૢ࡞͢Δ"1*Λه࿥ ˙ ຆͲͷૢ࡞͕͜Εʹ֘౰ ˙ 5SBJMΛ༗ޮԽ͢Δͱࣗಈతʹऔಘ͞ΕΔ ˓ σʔλΠϕϯτ ˙ 4ͱ-BNCEBͷσʔλӾཡ (FU0CKFDU ΍࣮ߦ *OWPLF ͳͲͷ"1*Λه࿥ ˙ 5SBJMΛ༗ޮԽ͢Δ͚ͩͰ͸औಘ͞Εͳ͍ Ұൠతʹඅ༻͕ ര্͕Γ͢ΔͨΊ ˙ 5SBJMඪ४ίϯιʔϧ΍%FUFDUJWFͳͲͰ͸ݟΕͳ͍ 4ͷ ϩάΛνΣοΫ͢Δඞཁ͕͋Δ

Slide 24

Slide 24 text

"84"1*ͷ໊લͷେମͷ๏ଇ ● ໊લΛݟͨΒ͍͍ͩͨԿ͍ͯ͠Δ͔Θ͔Δ ● େ͖͘छྨ ˓ ಡΈࠐΈ ୯ମऔಘ (FU ˓ Ϧετ ෳ਺औಘ -JTU ˓ ॻ͖ࠐΈ ࡞੒ɾ࣮ߦͳͲ 1VU $SFBUF౳ ● Πϯγσϯτ࣌ʹಛʹؾʹ͢Δͷ͸ҎԼ ˓ ॻ͖ࠐΈܥ ˓ ݖݶͷૢ࡞ *".ͷૢ࡞

Slide 25

Slide 25 text

ηΩϡϦςΟػೳͷ࢖͍ํ$POGJH ϦιʔελΠϓ΍*%ͰߜΓࠐΈ

Slide 26

Slide 26 text

ηΩϡϦςΟػೳͷ࢖͍ํ$POGJH ઃఆλΠϜϥΠϯͰมߋཤྺΛ֬ೝ

Slide 27

Slide 27 text

ηΩϡϦςΟػೳͷ࢖͍ํ$POGJH ࣌ؒຖͷม ߋՕॴ͕֬ ೝͰ͖Δ

Slide 28

Slide 28 text

ηΩϡϦςΟػೳͷ࢖͍ํ(VBSE%VUZ ݕ஌ͨ͠'JOEJOHTΛӈଆͰৄࡉ֬ೝ ʮ-FBSO.PSFʯ͔ΒΑΓৄࡉʹ

Slide 29

Slide 29 text

ηΩϡϦςΟػೳͷ࢖͍ํ%FUFDUJWF બΜͰΞΫγϣϯ͔ΒʮௐࠪʯͰ%FUFDUJWF΁

Slide 30

Slide 30 text

ηΩϡϦςΟػೳͷ࢖͍ํ%FUFDUJWF ؔ࿈͢Δ&$Πϯελϯε΍*".ͳͲ͕ฒΜͰΔ ୧Γͳ͕ΒԿ͕ߦΘΕ͍ͯΔ͔֬ೝ͢Δ

Slide 31

Slide 31 text

ηΩϡϦςΟػೳͷ࢖͍ํ%FUFDUJWF ֘౰ΫϨσϯγϟϧ͔ΒͲͷ"1*͕࣮ߦ͞Ε͔ͨ Ͳͷ*1͔Β࣮ߦ͞Ε͔ͨαϚϦͰදࣔ

Slide 32

Slide 32 text

ηΩϡϦςΟػೳͷ࢖͍ํ"UIFOB ࢖͍࢝Ί͸ΫΤϦΛอଘ͢Δ৔ॴͷઃఆΛߦ͏

Slide 33

Slide 33 text

ηΩϡϦςΟػೳͷ࢖͍ํ"UIFOB "UIFOBͷΫΤϦΤϯδϯ͸1SFTUP େମී௨ͷ42-ͩͱࢥ͍͍ͬͯ ςΩτ΢ $MPVE5SBJMͷςʔϒϧߏ੒͸ҎԼࢀর https://docs.aws.amazon.com/ja_jp/athena/latest/ug/cloudtrail-logs.html

Slide 34

Slide 34 text

ηΩϡϦςΟػೳͷ࢖͍ํ"UIFOB ओཁͳ߲໨ ● FWFOU5JNF"1*ίʔϧͨ࣌ؒ͠ ● FWFOU/BNF"1*ͷ໊લ ● FWFOU4PVSDF"1*ͷର৅"84αʔϏε ● BXT3FHJPOϦʔδϣϯ ● TPVSDF*Q"EESFTTૹ৴ݩ*1 ● VTFS*EFOUJUZ ˓ VTFS/BNF*".Ϣʔβ໊ ˓ TFTTJPO$POUFYUTFTTJPO*TTVFSVTFS/BNF*".ϩʔϧ໊

Slide 35

Slide 35 text

͓·͚4*&.PO"NB[PO&4 "84ͷ֤छϩάΛՄࢹԽ͢Δ044ͷ4*&.ιϦϡʔγϣϯ ʮ4*&.PO"NB[PO&4ʯ͕"84͔Βެ։͞ΕͨͷͰ $MPVE5SBJMϩάΛՄࢹԽͯ͠Έͨ https://dev.classmethod.jp/articles/getting-started-siem-on-amazon-elasticsearch-service/

Slide 36

Slide 36 text

"84ʹର͢Δ߈ܸͷઆ໌ ● ΫϨσϯγϟϧͷ࿙Ӯ ݖݶঢ֨ ● 443'

Slide 37

Slide 37 text

ΫϨσϯγϟϧͷ࿙Ӯ ● ీʹ΋֯ʹ΋*".ΫϨσϯγϟϧ͕࿙Ӯ͢Δ ˓ *".6TFSͷΞΫηεΩʔΛϋʔυίʔυ͠ͳ͍ ˓ HJUTFDSFUTΛར༻͢Δ ˓ શͯͷ"84ར༻ऀʹ*".ͷجຊతͳڭҭΛߦ͏ ˙ ࠷௿ݶͷηΩϡϦςΟશൠͦ͏͚ͩͲ ˓ ։ൃɾݕূ؀ڥͦ͜༉அ͠ͳ͍ ˓ ෆཁͳΞΫηεΩʔ࡞੒Λݕ஌ɾ๷ࢭ͢Δ ˓ (VBSE%VUZͰෆਖ਼ར༻Λݕ஌͢Δ ˓ ηΩϡϦςΟʹؔ͢Δ࿈བྷઌͰϝʔϧΛνΣοΫ͢Δ

Slide 38

Slide 38 text

ݖݶ͕ߜΒΕ͍ͯͯ΋ݖݶঢ֨͞ΕΔ ● 1PXFS6TFS͸౰વ΍ΒΕΔ ϚΠχϯά ● ࿙Ӯͨ͠ݖݶ͕"ENJO΍1PXFS6TFSͰͳͯ͘΋ ༉அͯ͠͸͍͚ͳ͍ɺݖݶঢ֨͞ΕΔ৔߹΋͋ Δ ● ݹ͍ϙϦγʔόʔδϣϯ͔Βঢ֨ ● &$༻ͷ*".3PMF ΠϯελϯεϓϩϑΝΠϧ ● JBN1BTT3PMF͔Β-BNCEB΍$MPVE'PSNBUJPO

Slide 39

Slide 39 text

● &$ʹ͸ϝλσʔλαʔϏε͕͋Δ ● ʹΞΫηε͢Δͱ৭ʑऔΕΔ ● &$ʹΞλον͞Ε͍ͯΔ*".3PMFͷҰ࣌ΫϨσϯ γϟϧ΋औಘͰ͖Δ ● 443' 4FSWFS4JEF3FRVFTU'PSHFSZ ͸߈ܸऀ͔Β ௚઀౸ୡͰ͖ͳ͍αʔόʔʹର͢Δ߈ܸख๏ͷҰछ ● ৄࡉ͸443' 4FSWFS4JEF3FRVFTU'PSHFSZ పఈೖ ໳ cಙؙߒͷ೔ه ˓ https://blog.tokumaru.org/2018/12/introduction-to-ssrf-server-side-request-forgery.html 443'

Slide 40

Slide 40 text

443' ● ࠷ۙ͸*.%4WΛར༻͢Δ͜ͱ΋Ͱ͖Δ ˓ ͨͩະରԠͷ෦෼͕ଟ͍ ˓ ׬ᘳʹ๷͛ΔΘ͚Ͱ͸ͳ͍ ● ͦ΋ͦ΋೚ҙ63-Λड͚औΔॲཧ͕ඞཁ͔Ͳ͏ ͔Λݕ౼

Slide 41

Slide 41 text

՝୊આ໌ ● എܠ ● ΞϓϦέʔγϣϯઆ໌ ● "84؀ڥઆ໌ ● Πϯγσϯτઆ໌ ● Ξϓϩʔνઆ໌ ● ՝୊આ໌

Slide 42

Slide 42 text

എܠ ࣌͸99೥ɺ৘ใηΩϡϦςΟք۾Ͱ͸ ʮ4FDVUUFSʯͱ͍͏Ϣʔβʔ౤ߘܕͭͿ΍͖αΠτ͕ ྲྀߦ͍ͯͨ͠ɻ ͋Δ೔ɺεʔύʔΠϯγσϯτϋϯυϥʔͷ͋ͳͨͷ ΋ͱʹҰͭͷґཔ͕෣͍ࠐΜͰ͖ͨʜ ʮ4FDVUUFS͕΍ΒΕͨʂʂʯ ͦͷ೔͔Βɺ৘ใηΩϡϦςΟք۾ͷྺ࢙͕มΘͬͨ ͷͰ͋Δ

Slide 43

Slide 43 text

ొ৔ਓ෺ ● 4FDVUUFSࣾ ˓ $&0ࠓճͷґཔओɻ4FDVUUFSͷ૑ۀऀʹͯ͠α ʔϏε։ൃऀɻ ˓ ΤϯδχΞ"#$4FDVUUFSͷ։ൃӡ༻อकͳΜ Ͱ΋΍Γ·͢ɻத਎͸զʑɻ ˓ TVQFSEFWFMPQFS࠷ۙδϣΠϯͨ͠εʔύʔͳ σϕϩούʔɻ4FDVUUFSΛαʔόʔϨεʹϦχ ϡʔΞϧ͢ΔͨΊʹςετΛ͍ͯͨ͠ɻ

Slide 44

Slide 44 text

ґཔ಺༰ ● $&0ʮ͓͓ͬɺΑ͘དྷͯ͘Εͨɺ͖Έʂ࣮͸ 4FDVUUFS͸"84্Ͱಈ͔͍ͯ͠Δͷ͕ͩɺઌఔ "84͔Β"CVTFϨϙʔτ͕ಧ͍ͯɺௐ΂ͯΈͨΒ 4FDVUUFSͷ"84ΞΧ΢ϯτ্ͰίΠϯϚΠφʔ͕ ಈ͍͍ͯͨΜͩʂͱΓ͋͑ͣαʔϏε͸Ұ࣌ఀࢭ͠ ͯίΠϯϚΠφʔΛࢭΊͨΓόοΫΞοϓΛऔಘ͠ ͨΓͨ͠ɻ͜ͷ"84؀ڥͷௐࠪΛ͖Έʹ͓ئ͍ͨ͠ ͍ʂʯ

Slide 45

Slide 45 text

ΞϓϦέʔγϣϯৄࡉ ηΩϡΞͳͭͿ΍͖ܕ4/4ʮ4FDVUUFSʯ ओͳػೳ ● ϩάΠϯ ● ϓϩϑΟʔϧมߋ ● ͭͿ΍͖౤ߘ ● ͍͍Ͷ

Slide 46

Slide 46 text

ΞϓϦέʔγϣϯৄࡉ 4FDVUUFSͷཪଆ Nginx PHP MySQL Client Internet Intranet

Slide 47

Slide 47 text

"84؀ڥઆ໌ શମ૾͸͜Μ ͳײ͡

Slide 48

Slide 48 text

"84؀ڥઆ໌ ● Α͋͘Δ૚ߏ଄8FCΞϓϦέʔγϣϯ ˓ ϑϩϯτ͸"-# ˓ 8FCαʔόʔͰ&$ ˓ %#͸3%4 .Z42- ˓ ౿Έ୆αʔόʔ͸؅ཧऀ͕44)͢Δ ● ϩά͸4 ˓ "84ϩά͸"84-PHT΁ ˓ ΞϓϦϩά͸4FDVUUFS-PHT΁

Slide 49

Slide 49 text

Πϯγσϯτઆ໌ ● ࣌ࠒ"84͔Βͷ"CVTFϨϙʔ τ ϝʔϧ ʹͯΠϯγσϯτ͕ൃੜͨ͜͠ͱΛ֬ ೝ ● (VBSE%VUZʹͯΦϨΰϯϦʔδϣϯͰෆਖ਼ͳ &$͕࡞੒͞ΕԾ૝௨՟͕࠾۷ʢϚΠχϯάʣ ͞Ε͍ͯΔ͜ͱΛ֬ೝ͠ఀࢭ ● 4FDVUUFSαʔϏε΋৵֐͞Ε͍ͯΔՄೳੑ͕͋ Δ

Slide 50

Slide 50 text

Πϯγσϯτઆ໌ ● ؀ڥอશͷͨΊɺTFDVUUFSQSEXFC&$ͷ ".*όοΫΞοϓΛऔಘ ● ௐࠪ༻VCVOUVΛ࡞੒͠෮ݩͨ͠ΛϚ΢ϯτ ● ֘౰࣌ؒͷ4FDVUUFSΞϓϦϩά"84ϩάΛ DBNQTFDVUUFSMPHTDBNQ BXTMPHTόέοτʹෳ੡ ● "UIFOBͰ্هϩάΛղੳͰ͖ΔΑ͏४උ

Slide 51

Slide 51 text

Πϯγσϯτઆ໌ ● ॳಈରԠޙ ͷ؀ڥ

Slide 52

Slide 52 text

՝୊આ໌ ● ֤छϩάΛௐࠪ͠ɺҎԼͷ؍఺Ͱௐࠪ಺༰Λ·ͱ Ί͍ͯͩ͘͞ɻ ˓ ࠓճͷΠϯγσϯτʹ͍ͭͯ4FDVUUFSαʔϏε΁ͷӨ ڹͷ༗ແΛ֬ೝͯ͠ใࠂ͍ͯͩ͘͠͞ɻ ˓ ෆਖ਼ͳ&$͕ಈ࡞͍ͯͨ͠ݪҼʹ͍ͭͯௐࠪΛͯ͘͠ ͍ͩ͞ɻ ˓ αʔϏε࠶։ͷͨΊͷରࡦҊʹ͍ͭͯఏҊ͍ͯͩ͘͠͞ɻ ˓ ഑෍ͨ͠ใࠂॻςϯϓϨʔτ͸ࣗ༝ʹ࢖͍ͬͯͩ͘͞ ఏग़ͷඞཁ͸͋Γ·ͤΜ

Slide 53

Slide 53 text

Ξϓϩʔνઆ໌ ● ҎԼͷͲΕ͔޷͖ͳͱ͜Ζ͔Β࢝ΊΔͱྑͦ͞ ͏ ˓ ෆਖ਼ͳ&$͕ىಈ͞Εͨํ๏͔Β ˓ (VBSE%VUZͷݕ஌ͨ͠಺༰͔Β ˓ 8FCαʔόʔͷத਎͔Β ˓ /HJOYͷϩά͔Β ˓ ࣮ࡍͷ8FCΞϓϦͷಈ͖͔Β

Slide 54

Slide 54 text

"UIFOB࢖༻։࢝࣌ͷઃఆ ● ࢖༻։࢝࣌ͷઃఆ ˓ <4FUUJOHT> <2VFSZSFTVMUMPDBUJPO>ʹ TBXT BUIFOBRVFSZSFTVMUTBQ OPSUIFBTUΛઃఆ͢Δ ● ࢖͍ํͷίπ ˓ ΫΤϦޙӈͷϘλϯ͔Β$47μ΢ϯϩʔυͨ͠΄͏ ͕͜Ͷ͜Ͷ͠΍͍͢

Slide 55

Slide 55 text

৵֐͞Εͨ&$؀ڥͷௐࠪʹ͍ͭͯ ● ৵֐͞Εͨ&$؀ڥ͸ࣄނ౰೔ʹεφοϓγϣοτ͕औಘ͞Εɺอ શ͞Ε͍ͯ·͢ɻ ● ͜ͷεφοϓγϣοτΛར༻ͯ͠ɺϘϦϡʔϜΛ෮ݩ͠ɺ৵֐ ͞Εͯ͠·ͬͨ&$಺ͷϦιʔεΛௐࠪ͠·͢ɻ ● ࠓճͷԋशͰ͸&$ͷσΟεΫΠϝʔδΛར༻ͯ͠ɺϩʔΧϧͰௐ ࠪΛߦ͍·͢ɻ ● ௐࠪํ๏ʹ͍ͭͯ͸Πϕϯτࣄલ഑෍ࢿྉͷʮ৵֐͞Εͨ&$؀ڥ ͷσΟεΫΠϝʔδʹؔ͢Δௐࠪʹ͍ͭͯʯΛ֬͝ೝ͍ͩ͘͞ɻ 【参考】AWS EC2 のHDD解析（フォレンジック） https://ierae.co.jp/blog/awsec2-hdd-analytics/

Slide 56

Slide 56 text

ௐࠪͷϙΠϯτ ͔͜͜Β͸ɺࠓ··Ͱ͋·ΓϩάղੳΛ΍ͬͨ͜ͱ͕ ͳ͍ਓ޲͚ʹɺௐࠪͷϙΠϯτΛ؆୯ʹઆ໌͠·͢ɻ ࣗ৴͕͋Δํ͸ղੳΛελʔτ͍͍ͯͨͩͯ͠΋શવ 0,Ͱ͢ʂ

Slide 57

Slide 57 text

͜Μͳײ͡Ͱௐࠪ͢Δͱྑ͍͔΋ ͜Ε͸͋͘·Ͱਪ঑ͷΞϓϩʔνͰɺઈର͜͏͠ͳ͚Ε͹ͳΒͳ ͍ͱ͍͏΋ͷͰ͸͋Γ·ͤΜɻղੳ࣌ͷࢀߟͱ͍ͯͩ͘͠͞ɻ ● ·ͣ͸ศརͳ%FUFDUJWFͷػೳΛ্ख͘࢖͓͏ʂ (VBSE%VUZͰͷݕग़߲໨ΛτϦΨͱͯ͠ɺ%FUFDUJWFΛར༻ͯ͠ɺ ߈ܸऀͷେ·͔ͳಈ͖΍߈ܸʹؔ࿈͢ΔϦιʔεΛνΣοΫͯ͠Έ Α͏ ˓ ߈ܸऀͷ*1ΞυϨεԿ͔ʁ ˓ ߈ܸʹؔ࿈͢Δ"84ͷϦιʔε͸ʁ ˓ ո͛͠ͳ"1*Λ࣮ߦ͍ͯ͠ͳ͍ͩΖ͏͔ʁ ˓ ࣄ৅Λݕग़͍ͯͨ࣌ؒ͠͸ʁ

Slide 58

Slide 58 text

͜Μͳײ͡Ͱௐࠪ͢Δͱྑ͍͔΋ ● "84ͷϦιʔε΋֬ೝ %FUFDUJWFͷ಺༰͔Βɺ߈ܸʹؔ࿈͢Δͱ͞Ε͍ͯͨϦιʔεͷத ਎Λ࣮ࡍʹ֬ೝͯ͠ΈΔɻ ˓ Կ͔͓͔͠ͳ఺͸ͳ͍͔ʁ ˓ ߈ܸऀʹΑͬͯ࡞੒ͨ͠΋ͷ͕͋Δ͔΋͠Εͳ͍ɻ ● ෼͔ͬͨ͜ͱΛҰ୴੔ཧ ϩάΛݟΔલʹҰ୴৘ใΛ੔ཧͯ͠ղੳͷํ਑Λཱͯ·͠ΐ͏ ˓ ೺Ѳͨ͜͠ͱΛฒ΂ͯΈΔɻ ˓ ݱࡏ൑໌͍ͯ͠Δࣄ৅Λجʹɺ߈ܸΛਪଌͯ͠ΈΔɻ ˓ ௐ΂Δ΂͖͜ͱ͸Կ͔ϙΠϯτΛߜͬͯΈΔɻ

Slide 59

Slide 59 text

͜Μͳײ͡Ͱௐࠪ͢Δͱྑ͍͔΋ ● ֤छϩάͷղੳΛߦ͏ ઌ΄Ͳཱͯͨํ਑Λجʹɺ֤छϩά $MPVE5SBUJMɺ/HJOYɺ&$಺ ͷϦιʔεɺ3%4 Λݟͯߦ͖·͠ΐ͏ ˓ ࠓ·Ͱʹಘͨ৘ใΛݩʹߜΓࠐΈΛߦ͍ɺϙΠϯτΛߜ֤ͬͯ छϩάΛղੳ ˓ ղੳ͢ΔதͰ൑໌ͨ͜͠ͱΛ࣌ܥྻͰॻ͖ཹΊͯΈΔɻ ˓ ߈ܸͷࠟ੻Λݟ͚ͭͨ৔߹ʹ͸ؔ࿈͢Δϩά͕ଞͷϩάʹ΋ͳ ͍͔Λ߹Θͤͯ֬ೝ͢Δͱྑ͍ɻ

Slide 60

Slide 60 text

ղઆ΁ଓ͘